package com.boot.filter;

import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.web.filter.AccessControlFilter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@Slf4j
public class MyAccessControlFilter extends AccessControlFilter {
    /**
     * isAccessAllowed 返回true onAccessDenied不执行
     * isAccessAllowed 返回false onAccessDenied执行
     * 因为我们这里有servlet的request 所以可以做一些跳转、重定向操作
     */
    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
        log.info("access allowed");
//        return true;
        return false;//false:表示拒绝 执行onAccessDenied
    }

    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        log.info("访问拒绝也不自己处理，继续拦截器链的执行");
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;
        res.sendRedirect("/");
        return true;
    }
}

